I Built an npm CLI Tool That Checks If Your Project Is Deployment Ready
Deployments often fail for the smallest reasons.
A missing .env file.
A forgotten build script.
A missing Dockerfile.
An incomplete Vercel configuration.
Or accidentally exposing secrets inside the project.
Most developers discover these issues only after pushing to production.
After running into these problems repeatedly while building projects, I decided to build a tool that checks deployment readiness before deployment even happens.
So I built:
π mayur-deploy-ready
A zero-config CLI tool that analyzes your project, detects deployment issues, scans for security risks, validates platform configurations, and even auto-generates missing deployment files.
π¦ What is mayur-deploy-ready?
mayur-deploy-ready is a deployment readiness analyzer for Node.js projects.
It performs automated checks across multiple categories including:
- package configuration
- Docker setup
- security validation
- framework detection
- platform deployment configs
- CI/CD readiness
The goal is simple:
Catch deployment issues locally before they break production.
β‘ Installation
Global Install
npm install -g mayur-deploy-ready
Run the Tool
mayur-deploy-ready
π― Example Output
When you run the CLI:
mayur-deploy-ready
You get a deployment analysis report like this:
ββββββββββββββββββββββ
π DEPLOY READY
ββββββββββββββββββββββ
β package.json found
β Build script missing
β Dockerfile missing
β .env missing
ββββββββββββββββββββββ
π Deployment Score: 75/100
ββββββββββββββββββββββ
π‘ Needs Attention
The tool also provides:
- suggestions
- categorized scoring
- warnings
- deployment readiness status
π₯ Features
β Weighted Deployment Scoring
One of the most interesting parts of the project was designing the scoring architecture.
The tool calculates a deployment readiness score out of 100 using weighted categories like:
PACKAGE: 20/20
SCRIPTS: 10/20
SECURITY: 25/25
DOCKER: 5/10
FRAMEWORK: 0/10
Instead of only showing warnings, this gives developers a much clearer picture of how deployment-ready their project actually is.
The scoring system categorizes projects into:
| Score | Status |
|---|---|
| 85β100 | π’ Production Ready |
| 60β84 | π‘ Needs Attention |
| 0β59 | π΄ Unsafe Deployment |
π Advanced Security Scanning
I wanted the tool to do more than just check missing files.
So I implemented recursive security scanning that detects:
- OpenAI API keys
- MongoDB URIs
- JWT secrets
- AWS access keys
Example:
β Potential OpenAI API Key detected in src/test-secret.js
β Potential MongoDB URI detected in config/api.js
While building this feature, I learned that security scanning is much harder than it initially looks.
At first, the scanner even detected secrets inside the toolβs own internal files.
That forced me to redesign the scanner architecture with:
- configurable ignore paths
- recursive traversal
- extension filtering
- smarter regex matching
- production-style exclusions
This ended up becoming one of the most educational parts of the project.
π Auto Fix Mode
Another feature I really enjoyed building was automatic repair mode.
Run:
mayur-deploy-ready fix
The tool can automatically generate missing deployment files such as:
.gitignore.dockerignoreDockerfile.env.examplevercel.jsonrailway.json
This helps developers bootstrap deployment configurations much faster.
π€ JSON Mode for CI/CD
I also added structured JSON output.
mayur-deploy-ready --json
This makes the tool easy to integrate into:
- GitHub Actions
- Jenkins
- GitLab CI
- dashboards
- automation scripts
Example:
{
"score": 85,
"stats": {
"passed": 6,
"warnings": 2,
"errors": 0
}
}
βοΈ CI/CD Support
The tool also supports CI mode:
mayur-deploy-ready --ci
Exit codes:
-
0β deployment ready -
1β deployment unsafe
This allows deployments to fail automatically inside CI pipelines if critical deployment issues are detected.
I also added example integrations for:
- GitHub Actions
- GitLab CI
- Jenkins
inside the README documentation.
π§ What I Learned Building This
This project taught me much more than I expected.
1. CLI Development Is Different From Web Development
Building CLI tools requires thinking about:
- terminal UX
- output formatting
- developer experience
- command parsing
- readable logs
- automation compatibility
2. npm Publishing Has Real-World Edge Cases
While publishing the package, I ran into:
- npm authentication issues
- 2FA requirements
- package publishing permissions
- README caching
- Shields.io badge caching
- npm session expiration
These are things you rarely encounter while building normal frontend projects.
3. Security Tooling Requires Careful Design
The security scanner taught me an important lesson:
Naive scanning creates too many false positives.
To make the tool useful, I had to redesign the scanner with:
- ignore systems
- configurable exclusions
- smarter recursion
- safer matching logic
That experience gave me a much better understanding of developer tooling architecture.
π Project Structure
The project is organized into:
-
checks/β validation logic -
fixes/β auto-generated deployment fixes -
utils/β scoring, logging, stats -
frameworks/β framework-specific validations -
bin/index.jsβ CLI orchestration
The architecture became much larger than I originally planned, but it also helped me understand how production-style CLI tools are structured.
π Open Source
The project is fully open source.
GitHub:
https://github.com/mayurCoder2004/mayur-deploy-ready
npm:
https://www.npmjs.com/package/mayur-deploy-ready
Final Thoughts
This started as a small utility to help me avoid deployment mistakes.
But while building it, I learned:
- CLI architecture
- npm publishing workflows
- deployment tooling
- security scanning
- scoring systems
- CI/CD integration
- developer experience design
Honestly, this became one of the most educational projects Iβve built so far.
If you try it out, Iβd genuinely love feedback from other developers π
Top comments (0)